package com.netcetera.android.girders.core.network.http;

import android.content.res.AssetManager;
import android.text.TextUtils;
import ch.boye.httpclientandroidlib.HttpHost;
import ch.boye.httpclientandroidlib.conn.scheme.PlainSocketFactory;
import ch.boye.httpclientandroidlib.conn.scheme.Scheme;
import ch.boye.httpclientandroidlib.conn.scheme.SchemeRegistry;
import ch.boye.httpclientandroidlib.conn.ssl.SSLSocketFactory;
import ch.boye.httpclientandroidlib.conn.ssl.TrustStrategy;
import ch.boye.httpclientandroidlib.conn.ssl.X509HostnameVerifier;
import com.netcetera.android.girders.core.GirdersApp;
import com.netcetera.android.girders.core.encryption.keystore.KeyStoreManager;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.util.ArrayList;

/* loaded from: classes.dex */
public class ApacheClientHTTPS extends ApacheClientHTTP {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static final class KeyStoreAndPassword {
        private final KeyStore keystore;
        private final String password;

        public KeyStoreAndPassword(KeyStore keyStore, String str) {
            this.keystore = keyStore;
            this.password = str;
        }
    }

    public ApacheClientHTTPS(HttpConfiguration httpConfiguration) {
        this(httpConfiguration, getKeystore(httpConfiguration));
    }

    private ApacheClientHTTPS(HttpConfiguration httpConfiguration, KeyStoreAndPassword keyStoreAndPassword) {
        this(httpConfiguration, keyStoreAndPassword != null ? keyStoreAndPassword.keystore : null, keyStoreAndPassword != null ? keyStoreAndPassword.password : null);
    }

    public ApacheClientHTTPS(HttpConfiguration httpConfiguration, KeyStore keyStore, String str) {
        this(httpConfiguration, keyStore, str, getTruststore(httpConfiguration));
    }

    public ApacheClientHTTPS(HttpConfiguration httpConfiguration, KeyStore keyStore, String str, KeyStore keyStore2) {
        super(httpConfiguration, keyStore, str, keyStore2);
    }

    private static KeyStoreAndPassword getKeystore(HttpConfiguration httpConfiguration) {
        if (!httpConfiguration.getEnableClientCertificate()) {
            return null;
        }
        String decryptedKeystorePassword = httpConfiguration.getDecryptedKeystorePassword();
        return new KeyStoreAndPassword(loadKeystore(httpConfiguration.getKeystoreType(), httpConfiguration.getKeystoreFilename(), decryptedKeystorePassword), decryptedKeystorePassword);
    }

    private static KeyStore getTruststore(HttpConfiguration httpConfiguration) {
        if (!httpConfiguration.getEnableServerTrust()) {
            return null;
        }
        String serverCertificates = httpConfiguration.getServerCertificates();
        if (TextUtils.isEmpty(serverCertificates)) {
            return null;
        }
        return loadTrustStore(splitFilenames(serverCertificates));
    }

    private static KeyStore loadKeystore(String str, String str2, String str3) {
        if (TextUtils.isEmpty(str2)) {
            return null;
        }
        try {
            return new KeyStoreManager(str).readKeystore(GirdersApp.getInstance().getAssets().open(str2), str3);
        } catch (Exception e) {
            throw new RuntimeException("Error loading keystore", e);
        }
    }

    private static KeyStore loadTrustStore(String[] strArr) {
        AssetManager assets = GirdersApp.getInstance().getAssets();
        ArrayList arrayList = new ArrayList(strArr.length);
        for (String str : strArr) {
            try {
                arrayList.add(KeyStoreManager.loadX509Certificate(assets.open(str, 3)));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        try {
            return new KeyStoreManager(KeyStore.getDefaultType()).generateKeystore((Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]));
        } catch (KeyStoreException e2) {
            throw new RuntimeException(e2);
        }
    }

    private static String[] splitFilenames(String str) {
        return str.contains(";") ? str.split(";") : new String[]{str};
    }

    protected X509HostnameVerifier createHostnameVerifier(HttpConfiguration httpConfiguration) {
        return SSLSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER;
    }

    @Override // com.netcetera.android.girders.core.network.http.ApacheClientHTTP
    protected SchemeRegistry createSchemeRegistry(HttpConfiguration httpConfiguration, KeyStore keyStore, String str, KeyStore keyStore2) {
        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme(HttpHost.DEFAULT_SCHEME_NAME, 80, PlainSocketFactory.getSocketFactory()));
        schemeRegistry.register(new Scheme("https", 443, createSslSocketFactory(httpConfiguration, keyStore, str, keyStore2)));
        return schemeRegistry;
    }

    protected SSLSocketFactory createSslSocketFactory(HttpConfiguration httpConfiguration, KeyStore keyStore, String str, KeyStore keyStore2) {
        return createSslSocketFactory(httpConfiguration, keyStore, str, keyStore2, null);
    }

    protected SSLSocketFactory createSslSocketFactory(HttpConfiguration httpConfiguration, KeyStore keyStore, String str, KeyStore keyStore2, TrustStrategy trustStrategy) {
        try {
            return new SSLSocketFactory(null, keyStore, str, keyStore2, null, trustStrategy, createHostnameVerifier(httpConfiguration));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}
